If this is your first visit, be sure to
check out the Forum Rules by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

brute force hydra?

I keep reading these little things off google to see if I can find the correct way to do this, but I just can't find it...

I've set up a teamspeakRC2 server on my ubuntu box below me, the only user with server administrator auth is "tangent" however, my password is an amalgamation of numbers and letters
pass: t4m3110n (tame lion)
but I know I won't get that password out of a normal dictionary attack. I've brute forced before using brutus (blargh) for windows. and I think there SHOULD be a way to make hydra do the same.

also, something I've found, people that use wordlists call hydra a "brute forcer" ... I believe we have forgotten what brute force means...

I keep reading these little things off google to see if I can find the correct way to do this, but I just can't find it...

I've set up a teamspeakRC2 server on my ubuntu box below me, the only user with server administrator auth is "tangent" however, my password is an amalgamation of numbers and letters
pass: t4m3110n (tame lion)
but I know I won't get that password out of a normal dictionary attack. I've brute forced before using brutus (blargh) for windows. and I think there SHOULD be a way to make hydra do the same.

also, something I've found, people that use wordlists call hydra a "brute forcer" ... I believe we have forgotten what brute force means...

I agree that dictionary, wordlist, and bruteforce attacks have lost some of their meaning. When I think of a dictionary attack I think that words are in the dictionary. A wordlist attack is a list of words that are not in the dictionary like the list of species found in star trek like Klingon or Lycocian. Then there is a list that contains all possible combinations of letters, number, and symbols. This one didn't have a name so I call it a combination file. The difference between a combination file and bruteforce attack is the combination file is already generated so the attack will be much faster. The downside to a combination file is its huge size as the size is the number of characters in the character set (26 for upper or lowercase, 36 for upper or lowercase and numbers, 95 for upper, lower, numbers, and symbols in english) ^ length of password. So 95^7 = 69,833,729,609,375 bytes or 70 TB so not really practical.

okay, well, what I'm trying to get at is it would be nice to be able to pipe in a bruteforce wordlist generator (or combo list generator) to make a temp file, constantly deleting the unused words (or combos)
hmm
I guess what I'm asking is if I could make hydra test all possible combinations of letters and numbers as passwords.

I'm accessing the server via my own network, it's on a server box under my feet so I can keep files on it and such, with my eeepc running BT3 live from partition on an sdhc card

okay, well, what I'm trying to get at is it would be nice to be able to pipe in a bruteforce wordlist generator (or combo list generator) to make a temp file, constantly deleting the unused words (or combos)
hmm
I guess what I'm asking is if I could make hydra test all possible combinations of letters and numbers as passwords.

I'm accessing the server via my own network, it's on a server box under my feet so I can keep files on it and such, with my eeepc running BT3 live from partition on an sdhc card

... also, can't get hatelist to work xD

You can use crunch to generate the word and then feed the word to hydra.
Something like this:
crunch 1 8 abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWX YZ0123456789 | hydra -l "" -P "" -f -v -e ns 192.168.1.1 http-get /
would be a quick guess. The above IS TOTALLY UNTESTED AND WILL PROBABLY NOT WORK. But it does give you a starting point.

about crunch; i know but after it "created" hydra shold read it but like bofh28 said "The above IS TOTALLY UNTESTED AND WILL PROBABLY NOT WORK" so i decide to write it an out put but it still fails is has to be with http-get?